Hi there everyone, just wondered if you could help me with this login scipt.
I've tried to customise a script that I found on a website, but it dosn't
seem to be working.
Here is the scipt that isn't working.
<?php
// database connect script.
require 'includes/connection.php';
require 'includes/check_login.php';
if($logged_in == 1) {
die('You are already logged in, '.$_SESSION['username'].'.');
}
?>
<html>
<head>
<title>Login</title>
</head>
<body>
<?php
if (isset($_POST['submit'])) { // if form has been submitted
/* check they filled in what they were supposed to and authenticate */
if(!$_POST['username'] | !$_POST['password']) {
die('You did not fill in a required field.');
}
// authenticate.
if (!get_magic_quotes_gpc()) {
$_POST['username'] = addslashes($_POST['username']);
}
$check = mysql_query("SELECT username, password FROM users WHERE
username = '".$_POST['username']."'");
// check passwords match
$_POST['password'] = stripslashes($_POST['password']);
$info['password'] = stripslashes($info['password']);
$_POST['password'] = $_POST['password'];
if ($_POST['password'] != $info['password']) {
die('Incorrect password, please try again.');
}
// if we get here username and password are correct,
//register session variables and set last login time.
$date = date('m d, Y');
$update_login = mysql_query("UPDATE users SET last_login = '$date' WHERE
username = '".$_POST['username']."'");
$_POST['username'] = stripslashes($_POST['username']);
$_SESSION['username'] = $_POST['username'];
$_SESSION['password'] = $_POST['password'];
$mysql_disconnect();
?>
<h1>Logged in</h1>
<p>Welcome back <?php echo $_SESSION['username']; ?>, you are logged in.</p>
<?php
} else { // if form hasn't been submitted
?>
<h1>Login</h1>
<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post">
<table align="center" border="1" cellspacing="0" cellpadding="3">
<tr><td>Username:</td><td>
<input type="text" name="username" maxlength="40">
</td></tr>
<tr><td>Password:</td><td>
<input type="password" name="password" maxlength="50">
</td></tr>
<tr><td colspan="2" align="right">
<input type="submit" name="submit" value="Login">
</td></tr>
</table>
</form>
<?php
}
?>
</body>
</html>
I will also include the .php file incase the text above dosn't read well.
Basically, the page always returns 'Incorrect Password, please try again',
and I can't work out why. I've tried with two different accounts, and
neither are working. (I am 100% sure that I am entering usernames/passwords
correctly).
Thanks for any help with this, I can't for the life of me figure this out.
Regards,
Alex.
<?php
// database connect script.
require 'includes/connection.php';
require 'includes/check_login.php';
if($logged_in == 1) {
die('You are already logged in, '.$_SESSION['username'].'.');
}
?>
<html>
<head>
<title>Login</title>
</head>
<body>
<?php
if (isset($_POST['submit'])) { // if form has been submitted
/* check they filled in what they were supposed to and authenticate */
if(!$_POST['username'] | !$_POST['password']) {
die('You did not fill in a required field.');
}
// authenticate.
if (!get_magic_quotes_gpc()) {
$_POST['username'] = addslashes($_POST['username']);
}
$check = mysql_query("SELECT username, password FROM users WHERE username = '".$_POST['username']."'");
// check passwords match
$_POST['password'] = stripslashes($_POST['password']);
$info['password'] = stripslashes($info['password']);
$_POST['password'] = $_POST['password'];
if ($_POST['password'] != $info['password']) {
die('Incorrect password, please try again.');
}
// if we get here username and password are correct,
//register session variables and set last login time.
$date = date('m d, Y');
$update_login = mysql_query("UPDATE users SET last_login = '$date' WHERE username = '".$_POST['username']."'");
$_POST['username'] = stripslashes($_POST['username']);
$_SESSION['username'] = $_POST['username'];
$_SESSION['password'] = $_POST['password'];
$mysql_disconnect();
?>
<h1>Logged in</h1>
<p>Welcome back <?php echo $_SESSION['username']; ?>, you are logged in.</p>
<?php
} else { // if form hasn't been submitted
?>
<h1>Login</h1>
<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post">
<table align="center" border="1" cellspacing="0" cellpadding="3">
<tr><td>Username:</td><td>
<input type="text" name="username" maxlength="40">
</td></tr>
<tr><td>Password:</td><td>
<input type="password" name="password" maxlength="50">
</td></tr>
<tr><td colspan="2" align="right">
<input type="submit" name="submit" value="Login">
</td></tr>
</table>
</form>
<?php
}
?>
</body>
</html>
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
